top of page
  • Writer's pictureFYEO

FYEO Agent: An Evolutionary Approach to Phishing Protection


The FYEO Agent anti-phishing solution is powered by FYEO's Fisko AI. The AI model is based on a large language model (LLM) and is incrementally trained on the data collected in the Site Reputation Database, allowing it to adapt to new threats and improve its classification accuracy over time. New phishing sites and malware sites are added to the database as they are detected.
FYEO Agent blocks phishing links in the browser



Phishing attacks remain a major problem for individuals as well as organizations, causing significant financial losses and exposing of sensitive information.


Traditional phishing protection solutions have focused on email filtering blacklists, often falling behind the rapidly evolving threat landscape. In this blog post, we introduce the FYEO Agent, an innovative end-point protection system that leverages AI and reputation sources to offer a more effective solution against phishing attacks and malicious websites regardless of the source. Email protection is so nineties. Let's crowdsource the future of threat intelligence together.


What is FYEO Agent

The FYEO Agent extension combines five components to provide comprehensive protection against malicious websites


  • Site Reputation Database: This database collects information on newly registered sites, known malicious sites, and user-reported sites, incorporating data from open sources to create a reputation database updated in real-time.

  • Fisko AI: The AI model is based on a large language model (LLM) and is incrementally trained on the data collected in the Site Reputation Database, allowing it to adapt to new threats and improve its classification accuracy over time. New phishing sites and malware sites are added to the db as they are detected.

  • Browser Extension: The Agent extension informs users of potential navigation risks or prevents them from navigating to malicious sites, offering real-time protection based on the AI model's decisions.

  • Realtime protection: While most traditional blocking solutions, whether in email blocking or url filtering, are using blocklists that are updated hourly or sometimes even daily, the FYEO Agent is utilizing real time Database synchronization with our servers offering real-time protection.

  • Management Portal: For organizations, we offer FYEO Agent+ for the FYEO Domain Intelligence portal where they can manage incidents and potential threats identified by the system, simplifying the incident management process.


What makes the FYEO Agent Different


Comprehensive Coverage Across Multiple Attack Vectors

Email scanning focuses primarily on detecting malicious links within emails, but phishing attacks can originate from various sources, including social media, instant messaging, and compromised websites. Blocking malicious links at the browser level ensures protection across all these attack vectors, offering a more comprehensive defense.


Adaptive detection model

FYEO Agent stands out from other phishing protection solutions through its continuous learning and self-correcting capabilities. The AI model is continuously retrained with new data, allowing it to stay up-to-date and adapt to the latest threats. This ensures that the system remains effective against evolving phishing attacks and malicious websites.


Real-Time Protection Against Emerging Threats

Phishing attacks and malicious websites evolve rapidly, often rendering email scanning solutions outdated. By implementing browser-level protection, users benefit from real-time updates to reputation data and machine learning models, ensuring that the defense mechanisms stay current with the latest threats.


Mitigating the Impact of Human Error

Even with email scanning in place, users can still fall victim to phishing attacks by accidentally clicking on malicious links from Discord, Telegram and TicToc or even Facebook. Browser-level protection serves as an additional safety net, warning or preventing users from navigating to malicious websites, thus reducing the likelihood of successful phishing or malware attacks.


Dynamic Analysis and Contextual Information:

Blocking malicious links at the browser level allows for a more dynamic analysis of web content and the inclusion of contextual information, such as user behavior and browsing patterns without reporting this to a central server. This additional context can enhance the accuracy of threat detection and classification, enabling a more effective defense against phishing attacks and malicious websites without compromising privacy.


User Privacy and Decentralized Protection:

By blocking malicious links directly in the browser, user privacy is better preserved, as potentially sensitive browsing data does not need to be shared with external scanning services. Moreover, decentralized protection reduces the reliance on a single point of failure, ensuring that the defense mechanism remains robust even if one component is compromised or as is now common users are bringing their own devices.


Is this the end of email scanners?

While email scanning can serve as a valuable initial line of defense against phishing attacks, it is not a comprehensive solution. Blocking malicious links at the browser level provides several advantages, including comprehensive coverage across multiple attack vectors, real-time protection against emerging threats, mitigation of human error, enhanced threat detection through dynamic analysis and contextual information, and improved user privacy. By incorporating browser-level protection, organizations can better safeguard their users from the ever-evolving landscape of phishing attacks and malicious websites.





Comments


bottom of page